Also, ransomware often uses a two-step process: symmetric encryption for files, then asymmetric encryption of that key. So without decrypting the symmetric key with the private key, files can’t be decrypted. Unless researchers found the private key through a vulnerability, which is possible in some cases.